Security Advisory

CVE-2026-26234

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-12 02:31:11
Last updated 2026-03-05 01:31:03
Assigner VulnCheck
State PUBLISHED

Description

JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header. Attackers can manipulate proxied requests to generate tainted responses, enabling cache poisoning, potential phishing, and redirecting users to malicious domains.